Some comments

docker-compose.yaml

@@ -2,14 +2,14 @@ version: "2.4"
 
 networks:
   web:
-    # All containers that are router through traefik needs to be on this network
+    # All containers that are routed through traefik needs to be on this network
     external: true
 
-volumes:
-  authelia-config:
-    # Used for pre-processing of authelia configuration
-
 services:
+
+  # Autheal will restart any container that has the label
+  # autoheal: true
+  # and fail their healthcheck
   autoheal:
     container_name: autoheal
     restart: always
@@ -17,6 +17,8 @@ services:
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
 
+  # Traefik reverse proxy. Routes http and ssh trafic to the righ containers
+  # Controlled by container labels, see bottom of this compose file
   traefik:
     container_name: traefik
     image: traefik
@@ -41,6 +43,7 @@ services:
       - ./traefik:/data
     healthcheck:
       # Sometimes, traefik loses connection to authelia. The only thing that works then is a restart, handled by autoheal.
+      # I haven't checked for quite a while if this is still a problem, but might as well leave it in there.
       test: ["CMD", "wget", "-O", "-", "authelia:9091/api/state"]
     labels:
       traefik.enable: true
@@ -50,6 +53,7 @@ services:
       traefik.http.routers.traefik.tls.certResolver: le
       autoheal: "true"
 
+  # Authelia handles access control with 2FA
   authelia:
     container_name: authelia
     image: authelia/authelia
@@ -75,6 +79,7 @@ services:
       traefik.http.routers.authelia.entrypoints: websecure
       autoheal: "true"
 
+  # Homer provides a dashboard for all services. Configured through ./homer/config.yml
   homer:
     container_name: homer
     image: b4bz/homer
@@ -91,6 +96,7 @@ services:
       traefik.http.routers.homer.rule: Host(`${PRIVATE_DOMAIN}`) || Host(`www.${PRIVATE_DOMAIN}`)
       traefik.http.routers.homer.tls.certResolver: le
 
+  # Dozzle is an easy way to view docker logs through a web interface
   dozzle:
     image: amir20/dozzle
     restart: always

traefik/config/network.yaml

@@ -6,10 +6,12 @@ http:
       loadBalancer:
         servers:
           - url: http://192.168.0.1:80
+
     proxmox:
       loadBalancer:
         servers:
           - url: https://192.168.0.10:8006
+          
     prusa:
       loadBalancer:
         servers:
@@ -24,6 +26,7 @@ http:
         - auth
       tls:
         certResolver: le
+
     proxmox:
       service: proxmox
       rule: Host(`proxmox.{{ env "PRIVATE_DOMAIN" }}`)
@@ -31,6 +34,7 @@ http:
         - auth
       tls:
         certResolver: le
+
     prusa:
       service: prusa
       rule: Host(`prusa.{{env "PRIVATE_DOMAIN"}}`)

traefik/traefik.yaml

@@ -23,8 +23,9 @@ entryPoints:
 certificatesResolvers:
   le:
     acme:
-      # caServer: https://acme-staging-v02.api.letsencrypt.org/directory
       # email: SET BY ENV VARIABLE TRAEFIK_CERTIFICATERESOLVERS_LE_ACME_EMAIL
       storage: /data/acme.json
       httpChallenge:
         entrypoint: web
+      # UNCOMMENT NEXT ROW FOR EXPERIMENTATION
+      # caServer: https://acme-staging-v02.api.letsencrypt.org/directory